Azure DevOps introduced a new `refName=~all` parameter for the `GET /git/policy/configurations` REST API endpoint, enabling clients to fetch all Git policies affecting a specific repository and any of its branches in a single request. Previously, enterprise policy management services had to retrieve all policies for an entire project and filter client-side, resulting in hundreds of megabytes of data per request. The new parameter performs server-side filtering, reducing CPU usage by 2x and cutting total execution time by 10-15x. The post explains the policy scope model, the difference between push and branch policies, and how the two existing API endpoints work, providing context for why this single API change delivers such dramatic performance gains at scale.
Table of contents
Git policy governance at a big enterprise Copy linkHow policies relate to projects, repos and branches Copy linkPolicy scope Copy linkQuerying the policies with REST API Copy linkThe Problem: Querying all the policies for one repo Copy linkThe Solution Copy linkConclusion Copy linkSort: